18 Коммитов
| Автор | SHA1 | Сообщение | Дата |
|---|---|---|---|
dependabot[bot]
|
3d9f57f55d
|
chore(deps): Bump cookie and express in /demo-app/frontend (#11521)
Bumps [cookie](https://github.com/jshttp/cookie) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `cookie` from 0.6.0 to 0.7.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jshttp/cookie/releases">cookie's releases</a>.</em></p> <blockquote> <h2>0.7.1</h2> <p><strong>Fixed</strong></p> <ul> <li>Allow leading dot for domain (<a href="https://redirect.github.com/jshttp/cookie/issues/174">#174</a>) <ul> <li>Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec</li> </ul> </li> <li>Add fast path for <code>serialize</code> without options, use <code>obj.hasOwnProperty</code> when parsing (<a href="https://redirect.github.com/jshttp/cookie/issues/172">#172</a>)</li> </ul> <p><a href="https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1">https://github.com/jshttp/cookie/compare/v0.7.0...v0.7.1</a></p> <h2>0.7.0</h2> <ul> <li>perf: parse cookies ~10% faster (<a href="https://redirect.github.com/jshttp/cookie/issues/144">#144</a> by <a href="https://github.com/kurtextrem"><code>@kurtextrem</code></a> and <a href="https://redirect.github.com/jshttp/cookie/issues/170">#170</a>)</li> <li>fix: narrow the validation of cookies to match RFC6265 (<a href="https://redirect.github.com/jshttp/cookie/issues/167">#167</a> by <a href="https://github.com/bewinsnw"><code>@bewinsnw</code></a>)</li> <li>fix: add <code>main</code> to <code>package.json</code> for rspack (<a href="https://redirect.github.com/jshttp/cookie/issues/166">#166</a> by <a href="https://github.com/proudparrot2"><code>@proudparrot2</code></a>)</li> </ul> <p><a href="https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0">https://github.com/jshttp/cookie/compare/v0.6.0...v0.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
3f837cfb44
|
chore(deps): Bump rollup from 2.79.1 to 2.79.2 in /demo-app/frontend (#11445)
Bumps [rollup](https://github.com/rollup/rollup) from 2.79.1 to 2.79.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rollup/rollup/blob/master/CHANGELOG.md">rollup's changelog</a>.</em></p> <blockquote> <h1>rollup changelog</h1> <h2>4.22.5</h2> <p><em>2024-09-27</em></p> <h3>Bug Fixes</h3> <ul> <li>Allow parsing of certain unicode characters again (<a href="https://redirect.github.com/rollup/rollup/issues/5674">#5674</a>)</li> </ul> <h3>Pull Requests</h3> <ul> <li><a href="https://redirect.github.com/rollup/rollup/pull/5674">#5674</a>: Fix panic with unicode characters (<a href="https://github.com/sapphi-red"><code>@sapphi-red</code></a>, <a href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5675">#5675</a>: chore(deps): update dependency rollup to v4.22.4 [security] (<a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5680">#5680</a>: chore(deps): update dependency <code>@rollup/plugin-commonjs</code> to v28 (<a href="https://github.com/renovate"><code>@renovate</code></a>[bot], <a href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5681">#5681</a>: chore(deps): update dependency <code>@rollup/plugin-replace</code> to v6 (<a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5682">#5682</a>: chore(deps): update dependency <code>@rollup/plugin-typescript</code> to v12 (<a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5684">#5684</a>: chore(deps): lock file maintenance minor/patch updates (<a href="https://github.com/renovate"><code>@renovate</code></a>[bot])</li> </ul> <h2>4.22.4</h2> <p><em>2024-09-21</em></p> <h3>Bug Fixes</h3> <ul> <li>Fix a vulnerability in generated code that affects IIFE, UMD and CJS bundles when run in a browser context (<a href="https://redirect.github.com/rollup/rollup/issues/5671">#5671</a>)</li> </ul> <h3>Pull Requests</h3> <ul> <li><a href="https://redirect.github.com/rollup/rollup/pull/5670">#5670</a>: refactor: Use object.prototype to check for reserved properties (<a href="https://github.com/YuHyeonWook"><code>@YuHyeonWook</code></a>)</li> <li><a href="https://redirect.github.com/rollup/rollup/pull/5671">#5671</a>: Fix DOM Clobbering CVE (<a href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li> </ul> <h2>4.22.3</h2> <p><em>2024-09-21</em></p> <h3>Bug Fixes</h3> <ul> <li>Ensure that mutations in modules without side effects are observed while properly handling transitive dependencies (<a href="https://redirect.github.com/rollup/rollup/issues/5669">#5669</a>)</li> </ul> <h3>Pull Requests</h3> <ul> <li><a href="https://redirect.github.com/rollup/rollup/pull/5669">#5669</a>: Ensure impure dependencies of pure modules are added (<a href="https://github.com/lukastaegert"><code>@lukastaegert</code></a>)</li> </ul> <h2>4.22.2</h2> <p><em>2024-09-20</em></p> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
3e6ac8e80d
|
chore(deps): Bump send and express in /demo-app/frontend (#11378)
Bumps [send](https://github.com/pillarjs/send) and [express](https://github.com/expressjs/express). These dependencies needed to be updated together. Updates `send` from 0.18.0 to 0.19.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pillarjs/send/releases">send's releases</a>.</em></p> <blockquote> <h2>0.19.0</h2> <h2>What's Changed</h2> <ul> <li>Remove link renderization in html while redirecting (<a href="https://redirect.github.com/pillarjs/send/pull/235">pillarjs/send#235</a>)</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/UlisesGascon"><code>@UlisesGascon</code></a> made their first contribution in <a href="https://redirect.github.com/pillarjs/send/pull/235">pillarjs/send#235</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/pillarjs/send/compare/0.18.0...0.19.0">https://github.com/pillarjs/send/compare/0.18.0...0.19.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pillarjs/send/blob/master/HISTORY.md">send's changelog</a>.</em></p> <blockquote> <h1>0.19.0 / 2024-09-10</h1> <ul> <li>Remove link renderization in html while redirecting</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
63a07414f8
|
chore(deps): Bump micromatch from 4.0.5 to 4.0.8 in /demo-app/frontend (#11258)
Bumps [micromatch](https://github.com/micromatch/micromatch) from 4.0.5 to 4.0.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/micromatch/micromatch/releases">micromatch's releases</a>.</em></p> <blockquote> <h2>4.0.8</h2> <p>Ultimate release that fixes both CVE-2024-4067 and CVE-2024-4068. We consider the issues low-priority, so even if you see automated scanners saying otherwise, don't be scared.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/micromatch/micromatch/blob/master/CHANGELOG.md">micromatch's changelog</a>.</em></p> <blockquote> <h2>[4.0.8] - 2024-08-22</h2> <ul> <li>backported CVE-2024-4067 fix (from v4.0.6) over to 4.x branch</li> </ul> <h2>[4.0.7] - 2024-05-22</h2> <ul> <li>this is basically v4.0.5, with some README updates</li> <li><strong>it is vulnerable to CVE-2024-4067</strong></li> <li>Updated braces to v3.0.3 to avoid CVE-2024-4068</li> <li>does NOT break API compatibility</li> </ul> <h2>[4.0.6] - 2024-05-21</h2> <ul> <li>Added <code>hasBraces</code> to check if a pattern contains braces.</li> <li>Fixes CVE-2024-4067</li> <li><strong>BREAKS API COMPATIBILITY</strong></li> <li>Should be labeled as a major release, but it's not.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
3167371f9d
|
chore(deps): Bump webpack from 5.88.2 to 5.94.0 in /demo-app/frontend (#11247)
Bumps [webpack](https://github.com/webpack/webpack) from 5.88.2 to 5.94.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack/releases">webpack's releases</a>.</em></p> <blockquote> <h2>v5.94.0</h2> <h2>Bug Fixes</h2> <ul> <li>Added runtime condition for harmony reexport checked</li> <li>Handle properly <code>data</code>/<code>http</code>/<code>https</code> protocols in source maps</li> <li>Make <code>bigint</code> optimistic when browserslist not found</li> <li>Move <code>@types/eslint-scope</code> to dev deps</li> <li>Related in asset stats is now always an array when no related found</li> <li>Handle ASI for export declarations</li> <li>Mangle destruction incorrect with export named default properly</li> <li>Fixed unexpected asi generation with sequence expression</li> <li>Fixed a lot of types</li> </ul> <h2>New Features</h2> <ul> <li>Added new external type "module-import"</li> <li>Support <code>webpackIgnore</code> for <code>new URL()</code> construction</li> <li>[CSS] <code>@import</code> pathinfo support</li> </ul> <h2>Security</h2> <ul> <li>Fixed DOM clobbering in auto public path</li> </ul> <h2>v5.93.0</h2> <h2>Bug Fixes</h2> <ul> <li>Generate correct relative path to runtime chunks</li> <li>Makes <code>DefinePlugin</code> quieter under default log level</li> <li>Fixed mangle destructuring default in namespace import</li> <li>Fixed consumption of eager shared modules for module federation</li> <li>Strip slash for pretty regexp</li> <li>Calculate correct contenthash for CSS generator options</li> </ul> <h2>New Features</h2> <ul> <li>Added the <code>binary</code> generator option for asset modules to explicitly keep source maps produced by loaders</li> <li>Added the <code>modern-module</code> library value for tree shakable output</li> <li>Added the <code>overrideStrict</code> option to override strict or non-strict mode for javascript modules</li> </ul> <h2>v5.92.1</h2> <h2>Bug Fixes</h2> <ul> <li>Doesn't crash with an error when the css experiment is enabled and contenthash is used</li> </ul> <h2>v5.92.0</h2> <h2>Bug Fixes</h2> <ul> <li>Correct tidle range's comutation for module federation</li> <li>Consider runtime for pure expression dependency update hash</li> <li>Return value in the <code>subtractRuntime</code> function for runtime logic</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
Yashika Khurana
|
9320b4c603
|
test(cirrus): Cirrus preview flag (#11167)
Because - We added preview flag support for Cirrus to enable them to QA This commit - Add a new test to test preview flag functionality Fixes #11103 Note: Working on to send it to main collection |
|
|
dependabot[bot]
|
453752805e
|
chore(deps): Bump braces from 3.0.2 to 3.0.3 in /demo-app/frontend (#10874)
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
84ebb5da38
|
chore(deps): Bump ejs from 3.1.9 to 3.1.10 in /demo-app/frontend (#10643)
Bumps [ejs](https://github.com/mde/ejs) from 3.1.9 to 3.1.10. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mde/ejs/releases">ejs's releases</a>.</em></p> <blockquote> <h2>v3.1.10</h2> <p>Version 3.1.10</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
9e9bf6b2d7
|
chore(deps): Bump express from 4.18.2 to 4.19.2 in /demo-app/frontend (#10480)
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/expressjs/express/releases">express's releases</a>.</em></p> <blockquote> <h2>4.19.2</h2> <h2>What's Changed</h2> <ul> <li><a href=" |
|
|
dependabot[bot]
|
af3b15b995
|
chore(deps): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /demo-app/frontend (#10461)
Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-middleware/releases">webpack-dev-middleware's releases</a>.</em></p> <blockquote> <h2>v5.3.4</h2> <h3><a href="https://github.com/webpack/webpack-dev-middleware/compare/v5.3.3...v5.3.4">5.3.4</a> (2024-03-20)</h3> <h3>Bug Fixes</h3> <ul> <li><strong>security:</strong> do not allow to read files above (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1779">#1779</a>) (<a href=" |
|
|
dependabot[bot]
|
cd1ad72cf8
|
chore(deps): Bump follow-redirects from 1.15.4 to 1.15.6 in /demo-app/frontend (#10420)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.4 to 1.15.6. <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
3f99374fb4
|
chore(deps): Bump follow-redirects from 1.15.2 to 1.15.4 in /demo-app/frontend (#10018)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.2 to 1.15.4. <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
dependabot[bot]
|
4e9817ce70
|
chore(deps): Bump @adobe/css-tools from 4.3.1 to 4.3.2 in /demo-app/frontend (#9871)
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.3.1 to 4.3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/adobe/css-tools/blob/main/History.md"><code>@adobe/css-tools</code>'s changelog</a>.</em></p> <blockquote> <h1>4.3.2 / 2023-11-28</h1> <ul> <li>Fix redos vulnerability with specific crafted css string - CVE-2023-48631</li> <li>Fix Problem parsing with :is() and nested :nth-child() <a href="https://redirect.github.com/adobe/css-tools/issues/211">#211</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/adobe/css-tools/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mozilla/experimenter/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
|
|
dependabot[bot]
|
0fee3d3bf0
|
chore(deps): Bump @babel/traverse from 7.22.10 to 7.23.2 in /demo-app/frontend (#9591)
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.22.10 to 7.23.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/babel/babel/releases"><code>@babel/traverse</code>'s releases</a>.</em></p> <blockquote> <h2>v7.23.2 (2023-10-11)</h2> <p><strong>NOTE</strong>: This release also re-publishes <code>@babel/core</code>, even if it does not appear in the linked release commit.</p> <p>Thanks <a href="https://github.com/jimmydief"><code>@jimmydief</code></a> for your first PR!</p> <h4>🐛 Bug Fix</h4> <ul> <li><code>babel-traverse</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16033">#16033</a> Only evaluate own String/Number/Math methods (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-preset-typescript</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16022">#16022</a> Rewrite <code>.tsx</code> extension when using <code>rewriteImportExtensions</code> (<a href="https://github.com/jimmydief"><code>@jimmydief</code></a>)</li> </ul> </li> <li><code>babel-helpers</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16017">#16017</a> Fix: fallback to typeof when toString is applied to incompatible object (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16025">#16025</a> Avoid override mistake in namespace imports (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> </ul> <h4>Committers: 5</h4> <ul> <li>Babel Bot (<a href="https://github.com/babel-bot"><code>@babel-bot</code></a>)</li> <li>Huáng Jùnliàng (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> <li>James Diefenderfer (<a href="https://github.com/jimmydief"><code>@jimmydief</code></a>)</li> <li>Nicolò Ribaudo (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> <li><a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a></li> </ul> <h2>v7.23.1 (2023-09-25)</h2> <p>Re-publishing <code>@babel/helpers</code> due to a publishing error in 7.23.0.</p> <h2>v7.23.0 (2023-09-25)</h2> <p>Thanks <a href="https://github.com/lorenzoferre"><code>@lorenzoferre</code></a> and <a href="https://github.com/RajShukla1"><code>@RajShukla1</code></a> for your first PRs!</p> <h4>🚀 New Feature</h4> <ul> <li><code>babel-plugin-proposal-import-wasm-source</code>, <code>babel-plugin-syntax-import-source</code>, <code>babel-plugin-transform-dynamic-import</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15870">#15870</a> Support transforming <code>import source</code> for wasm (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-helper-module-transforms</code>, <code>babel-helpers</code>, <code>babel-plugin-proposal-import-defer</code>, <code>babel-plugin-syntax-import-defer</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>, <code>babel-standalone</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15878">#15878</a> Implement <code>import defer</code> proposal transform support (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-parser</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15845">#15845</a> Implement <code>import defer</code> parsing support (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> <li><a href="https://redirect.github.com/babel/babel/pull/15829">#15829</a> Add parsing support for the "source phase imports" proposal (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-helper-module-transforms</code>, <code>babel-parser</code>, <code>babel-plugin-transform-dynamic-import</code>, <code>babel-plugin-transform-modules-amd</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-modules-systemjs</code>, <code>babel-traverse</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15682">#15682</a> Add <code>createImportExpressions</code> parser option (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-standalone</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15671">#15671</a> Pass through nonce to the transformed script element (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-helper-function-name</code>, <code>babel-helper-member-expression-to-functions</code>, <code>babel-helpers</code>, <code>babel-parser</code>, <code>babel-plugin-proposal-destructuring-private</code>, <code>babel-plugin-proposal-optional-chaining-assign</code>, <code>babel-plugin-syntax-optional-chaining-assign</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-optional-chaining</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>, <code>babel-standalone</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15751">#15751</a> Add support for optional chain in assignments (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-proposal-decorators</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15895">#15895</a> Implement the "decorator metadata" proposal (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-traverse</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15893">#15893</a> Add <code>t.buildUndefinedNode</code> (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li> </ul> </li> <li><code>babel-preset-typescript</code></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/babel/babel/blob/main/CHANGELOG.md"><code>@babel/traverse</code>'s changelog</a>.</em></p> <blockquote> <h2>v7.23.2 (2023-10-11)</h2> <h4>🐛 Bug Fix</h4> <ul> <li><code>babel-traverse</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16033">#16033</a> Only evaluate own String/Number/Math methods (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-preset-typescript</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16022">#16022</a> Rewrite <code>.tsx</code> extension when using <code>rewriteImportExtensions</code> (<a href="https://github.com/jimmydief"><code>@jimmydief</code></a>)</li> </ul> </li> <li><code>babel-helpers</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16017">#16017</a> Fix: fallback to typeof when toString is applied to incompatible object (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/16025">#16025</a> Avoid override mistake in namespace imports (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> </ul> <h2>v7.23.0 (2023-09-25)</h2> <h4>🚀 New Feature</h4> <ul> <li><code>babel-plugin-proposal-import-wasm-source</code>, <code>babel-plugin-syntax-import-source</code>, <code>babel-plugin-transform-dynamic-import</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15870">#15870</a> Support transforming <code>import source</code> for wasm (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-helper-module-transforms</code>, <code>babel-helpers</code>, <code>babel-plugin-proposal-import-defer</code>, <code>babel-plugin-syntax-import-defer</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>, <code>babel-standalone</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15878">#15878</a> Implement <code>import defer</code> proposal transform support (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-parser</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15845">#15845</a> Implement <code>import defer</code> parsing support (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> <li><a href="https://redirect.github.com/babel/babel/pull/15829">#15829</a> Add parsing support for the "source phase imports" proposal (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-generator</code>, <code>babel-helper-module-transforms</code>, <code>babel-parser</code>, <code>babel-plugin-transform-dynamic-import</code>, <code>babel-plugin-transform-modules-amd</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-modules-systemjs</code>, <code>babel-traverse</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15682">#15682</a> Add <code>createImportExpressions</code> parser option (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-standalone</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15671">#15671</a> Pass through nonce to the transformed script element (<a href="https://github.com/JLHwung"><code>@JLHwung</code></a>)</li> </ul> </li> <li><code>babel-helper-function-name</code>, <code>babel-helper-member-expression-to-functions</code>, <code>babel-helpers</code>, <code>babel-parser</code>, <code>babel-plugin-proposal-destructuring-private</code>, <code>babel-plugin-proposal-optional-chaining-assign</code>, <code>babel-plugin-syntax-optional-chaining-assign</code>, <code>babel-plugin-transform-destructuring</code>, <code>babel-plugin-transform-optional-chaining</code>, <code>babel-runtime-corejs2</code>, <code>babel-runtime-corejs3</code>, <code>babel-runtime</code>, <code>babel-standalone</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15751">#15751</a> Add support for optional chain in assignments (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-helpers</code>, <code>babel-plugin-proposal-decorators</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15895">#15895</a> Implement the "decorator metadata" proposal (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-traverse</code>, <code>babel-types</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15893">#15893</a> Add <code>t.buildUndefinedNode</code> (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li> </ul> </li> <li><code>babel-preset-typescript</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15913">#15913</a> Add <code>rewriteImportExtensions</code> option to TS preset (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> <li><code>babel-parser</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15896">#15896</a> Allow TS tuples to have both labeled and unlabeled elements (<a href="https://github.com/yukukotani"><code>@yukukotani</code></a>)</li> </ul> </li> </ul> <h4>🐛 Bug Fix</h4> <ul> <li><code>babel-plugin-transform-block-scoping</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15962">#15962</a> fix: <code>transform-block-scoping</code> captures the variables of the method in the loop (<a href="https://github.com/liuxingbaoyu"><code>@liuxingbaoyu</code></a>)</li> </ul> </li> </ul> <h4>💅 Polish</h4> <ul> <li><code>babel-traverse</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15797">#15797</a> Expand evaluation of global built-ins in <code>@babel/traverse</code> (<a href="https://github.com/lorenzoferre"><code>@lorenzoferre</code></a>)</li> </ul> </li> <li><code>babel-plugin-proposal-explicit-resource-management</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15985">#15985</a> Improve source maps for blocks with <code>using</code> declarations (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> </ul> <h4>🔬 Output optimization</h4> <ul> <li><code>babel-core</code>, <code>babel-helper-module-transforms</code>, <code>babel-plugin-transform-async-to-generator</code>, <code>babel-plugin-transform-classes</code>, <code>babel-plugin-transform-dynamic-import</code>, <code>babel-plugin-transform-function-name</code>, <code>babel-plugin-transform-modules-amd</code>, <code>babel-plugin-transform-modules-commonjs</code>, <code>babel-plugin-transform-modules-umd</code>, <code>babel-plugin-transform-parameters</code>, <code>babel-plugin-transform-react-constant-elements</code>, <code>babel-plugin-transform-react-inline-elements</code>, <code>babel-plugin-transform-runtime</code>, <code>babel-plugin-transform-typescript</code>, <code>babel-preset-env</code> <ul> <li><a href="https://redirect.github.com/babel/babel/pull/15984">#15984</a> Inline <code>exports.XXX =</code> update in simple variable declarations (<a href="https://github.com/nicolo-ribaudo"><code>@nicolo-ribaudo</code></a>)</li> </ul> </li> </ul> <h2>v7.22.20 (2023-09-16)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
|
|
Yashika Khurana
|
dc66489d36
|
fix #9288 feat(cirrus): Editable client id and context (#9370)
Because - Currently, to test the demo app with Cirrus, we have a static client ID and context This commit - Provide a way so that we can dynamically pass the client ID and context to the demo app frontend, which will help us in the integration tests to test with different scenarios - The above code is modified in such a way that if client id and context is provided, then it will override the default values <img width="820" alt="Screenshot 2023-09-06 at 1 00 50 AM" src="https://github.com/mozilla/experimenter/assets/25848231/e1f8c394-55f9-4021-99fe-6becbccce170"> fixes #9288 |
|
|
dependabot[bot]
|
b84995e8a4
|
chore(deps): Bump @adobe/css-tools from 4.3.0 to 4.3.1 in /demo-app/frontend (#9326)
Bumps [@adobe/css-tools](https://github.com/adobe/css-tools) from 4.3.0 to 4.3.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/adobe/css-tools/blob/main/History.md"><code>@adobe/css-tools</code>'s changelog</a>.</em></p> <blockquote> <h1>4.3.1 / 2023-03-14</h1> <ul> <li>Fix redos vulnerability with specific crafted css string - CVE-2023-26364</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/adobe/css-tools/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/mozilla/experimenter/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
|
|
Yashika Khurana
|
d73217d069
|
fix #9265 feat(cirrus): Demo app integration with fml and cirrus (#9289)
Because - We want to test Cirrus end to end with the local remote setting, including fml and experimenter to launch an experiment for the Demo app This commit - Integrate fml, remote settings, experimenter, cirrus to demo app - Fixes RS pushing to web PS: currently it uses the static value for client and context, in the next ticket work, we will add an option in the frontend app to set the client value and context https://github.com/mozilla/experimenter/issues/9288 fixes #9265 |
|
|
Yashika Khurana
|
636b828f17
|
fix #9243 feat(cirrus): Demo app frontend and server (#9250)
Because - We want to test cirrus end to end This commit - Introduces demo app with frontend and server - Make command to build and run the demo app- `make build_demo_app` `make run_demo_app` - The frontend of the Demo App is accessible at [http://localhost:8080](http://localhost:8080) - The backend of the Demo App is accessible at [http://localhost:3002](http://localhost:3002) ps: FML and cirrus integration will come in different PR fixes #9243 fixes #9244 |